The US cybersecurity agency CISA last week warned organizations about critical- and high-severity vulnerabilities discovered by researchers in a human-machine interface (HMI) product made by Taiwan-based Weintek. According to CISA, the impacted product, the Weintek cMT HMI, is used worldwide, including in critical manufacturing organizations, which are considered part of critical infrastructure. The vendor has […]
Venture capital firm SYN Ventures announced this week the first closing of a $75 million cybersecurity seed fund, which the company describes as “the largest cyber seed dedicated fund domiciled in the United States”. The new Seed Fund I brings the firm’s total assets under management to more than $600 million. The final closing is […]
German software maker SAP this week announced the release of seven new and two updated security notes as part of its October 2023 Security Patch Day. The most severe of the security notes brings an update to the Chromium browser in SAP Business Client, which contains 37 fixes, including two critical- and 20 high-severity vulnerabilities. […]
A notorious ransomware gang has claimed attacks against two government institutions this week, both of which confirmed they faced a range of issues due to the incidents. The city of Gondomar – a suburb about 20 minutes away from the Portuguese city of Porto – said on September 27 that it was the target of […]
Mozilla issued a warning this week over malicious websites offering Thunderbird downloads after a ransomware group was caught using this technique to deliver malware. Cybersecurity journalist Brian Krebs reported last week that a website where the Snatch ransomware group names victims had been leaking data, including visitor IPs and information on internal operations. According to […]
The U.S.Homeland Security Department this week will convene the first-of-its-kind cybersecurity summit with leaders from Latin America, which has increasingly become a hotbed for criminal digital activity and influence efforts by China. The two-day “Western Hemisphere Cyber Conference,” which will be attended by nearly two dozen nations and kicks off Wednesday, was inspired by a […]
Canada’s largest airline announced a data breach this week that involved the information of employees, but said its operations and customer data was not impacted. Air Canada, one of the world’s oldest airlines running more than 1,300 flights a day, released a statement on Wednesday explaining a recent data breach. The company did not respond […]
Atlassian this week announced patches for four high-severity vulnerabilities impacting its Jira, Confluence, Bitbucket, and Bamboo products. Tracked as CVE-2023-22513 (CVSS score of 8.5), the most severe of these issues is described as a remote code execution (RCE) bug in Bitbucket that could impact confidentiality, integrity, and availability. An authenticated attacker can exploit the flaw […]
The US Department of Defense (DoD) this week published an unclassified summary of its 2023 Cyber Strategy, outlining plans for both offensive and defensive efforts. One key focus of the 2023 Cyber Strategy is the commitment to boost the cyber capabilities of allies and partners, and to increase collective resilience against cyberattacks. This includes augmenting […]